https://pulumi.com logo
#aws
Title
# aws
p

powerful-furniture-83753

10/20/2021, 12:51 PM
Hey folks! Using a lambda running a docker image, we're having issues that pushing a new image with a
latest
tag isn't updating the lambda. How can we force the lambda to refetch the docker image? Or do we have to have well named version tags and that then forces the lambda to update?
g

great-sunset-355

10/20/2021, 2:48 PM
hmm using any image with the
latest
tag is not a good idea, so I'd listen to the service and rather tag the image with commit SHA (or version or anything) on rebuild. And simple dev purposes you can always push 2 tags. 1 with SHA and 2nd latest
p

powerful-furniture-83753

10/20/2021, 2:54 PM
Ye, that's exactly what our work around is, but I'd still like to know if this is possible. I can definitely see use cases where you don't want to have to reconfigure a lambda every time an image updates.
g

great-sunset-355

10/21/2021, 6:41 AM
I think this is by design so Pulumi has nothing to do with it. https://docs.aws.amazon.com/cli/latest/reference/lambda/update-function-code.html#description The best you can do is to work around it with yet another lambda triggered by ECR and it will update the target lambdas image. The problem with
latest
and
lambda
is concurrency. Imagine your lambda is executed 100k times in parallel with a small-time drift. And somewhere in between 50k - 70k you update the image. You'd end up with half of your code executed using a new version and half the old version. (pure nightmare) Alternative would be that lambda has to pull the image every time, but that's not possible because of Cold/Hot state lambda has. So any use cases considering not updating the lambda should be seriously reconsidered or use a different service.